CIR Team
Maintain Strong Cybersecurity Processes and Functions
With roles and responsibilities identified, the activities to be performed by the respective team to ensure the organization can manage the cyber security program effectively are as spelt out in Figure 3-5. As organizations vary in size, nature, business processes, and the like, processes/functions must be customized to the organization's needs.
Processes/ Functions |
Information Security |
IT Security |
Cyber Security |
|
✓ |
- |
- |
|
- |
✓ |
- |
|
- |
- |
✓ |
Figure 3-5: Process and Functions Undertaken by the Type of Teams
Common Processes/ Functions Performed by the Three Teams
- Perform risk assessment
- Identify business functions and impacts
- Develop/Implement mitigation/response measures
- Test and exercise plan
- Engage with third parties
- Audit plan and third parties' plan
- Create awareness
- Build culture
Related Concept to Cybersecurity Coverage by IT Teams
Type of Coverage by IT Team | Team Composition | Maintain Strong Cybersecurity Processes and Functions | Skill Sets and Long-Term Challenges | Back To: Team Handling CIR |
Do You Want to Continue BCM Training onsite or online?
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 3 What Are the Typical IT Teams Handling Security for IT? 3.5 Processes and Functions
Note: This version was the draft 2nd Edition being updated in 2023. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.